Thread starter: tonger2003

[Virus sample] One pack: Kaspersky 7 performs poorly

zzh161
Posted on 2007-5-28 21:20:12
Trend Micro's heuristics reported 20.

promised
Posted on 2007-5-28 21:21:40
Originally posted by zzh161 on 2007-5-28 21:20:
Trend Micro's heuristics reported 20.

Let me just say quietly:
PACKER... that sets the imagination running.
The EQs
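Posted on 2007-5-28 21:22:42
Not making any comment for now... At this point I can't be sure whether it really is Viking... VBA32 is also very good at misreporting... It reports the Xianjian packer as Gray Pigeon... and it misreports quite a few other packers too.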
scottxzt
Posted on 2007-5-28 21:23:17

19

Starting the file scan:

Begin scan in 'D:\Documents and Settings\dell\桌面\新建文件夹'
D:\Documents and Settings\dell\桌面\新建文件夹\
D:\Documents and Settings\dell\桌面\新建文件夹\Temp[1].part2.rar
  [0] Archive type: RAR
  --> Temp\Temp\srogm.exe
      [INFO]      Error multiple volume
  --> Temp\Temp\stpgldk.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\svchost32.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\svchost.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\tlso0.dll
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\tlso.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\wdso0.dll
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
      [WARNING]   The file was ignored!
D:\Documents and Settings\dell\桌面\新建文件夹\Temp[1].part1.rar
  [0] Archive type: RAR
  --> Temp\Temp\wdso.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\conime.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\copypfh.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\csrss.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\ctfmon.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\daso0.dll
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\daso.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\IEXPLORE.EXE
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\mmc.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\NhYPcmW.com
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\services.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\smss.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\spglsdr.exe
      [DETECTION] Is the Trojan horse TR/Crypt.NSPM.Gen
      [WARNING]   Infected files in archives cannot be repaired!
  --> Temp\Temp\srogm.exe
      [INFO]      Error multiple volume
      [WARNING]   The file was ignored!


End of the scan: 2007年5月28日  21:22
Used time: 00:28 min

The scan has been done completely.

      1 Scanning directories
     22 Files were scanned
     19 viruses and/or unwanted programs were found
wangjay1980
Posted on 2007-5-28 21:23:22
This malware targets Kaspersky, so of course it won't let you detect it.
zzh161
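Posted on 2007-5-28 21:24:23
Originally posted by promised on 2007-5-28 21:21:

Let me just say quietly:
PACKER... that sets the imagination running.

I tried this out. It is not purely flagging the packer, but what it flagged is basically all malware, so there is no problem.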
promised
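Posted on 2007-5-28 21:25:04
VBA32 may be flagging on packer suspicion; I'll take a look in a few days.
For now, let me bow down to Trend Micro's ability to flag a certain packer; it rivals Avira.
Is there a direct connection between being a virus and being flagged for the packer? The poster above could go read some books on logic.

[Last edited by promised on 2007-5-28 21:37]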
The EQs
Posted on 2007-5-28 21:25:16

Reply to #15, wangjay1980's post

It doesn't only target Kaspersky... it targets NOD32 as well.
l784588
Posted on 2007-5-28 21:25:29
avast detected it, nice!
mhj144007
Posted on 2007-5-28 21:25:38
Poor Dr.Web
NhYPcmW.com;C:\Documents and Settings\Mahaijun\桌面\Temp\Temp;BackDoor.Pomax;;